Re: [TLS] datacenter TLS decryption as a three-party protocol

Ted Lemon <mellon@fugue.com> Mon, 24 July 2017 09:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/wKouYSi5l3mmxbDvKaJyMnaQKWA>

On Jul 23, 2017, at 9:01 PM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote:
> What I am trying to avoid is the ability to *surreptitiously* subvert a protocol that’s assumed to be secure.

You don't seem to be hearing what I'm trying to say. What you are proposing is physically impossible. It is always possible to surreptitiously subvert the protocol. This is not an achievable goal. What you get if you implement what you are proposing is a protocol that's easier for an on-path attacker to subvert, not a protocol that is harder for an end-point attacker to subvert.